WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Via NTFS 5, Windows 2000 and XP both
support EFS  Encrypting File System. EFS use PKI
certificates14 to allow each user of a computer to encrypt their
own files. Until unencrypted, no one else may view the contents of
the file (with one exception, covered shortly). Using encryption provides
a huge security advantage over just using NTFS permissions to secure
files. As discussed previously, it is possible to bypass NTFS permissions
both by using specialist tools, and by installing the hard drive with
the target files into a different computer, and using a parallel installation
of Windows to access them. When a file is encrypted, it remains encrypted.
To use EFS, simply locate the file you wish to encrypt 15and right click it. In this example we will encrypt
a confidential text file, shown in Figure 162.

Figure 162: Example of Encrypting a File

Select Properties,
and click the Advanced button in the properties window that
appears. The dialog in Figure 163
appears.

Figure 163: Encryption - Advanced Attributes

To encrypt the file, tick
Encrypt contents to secure data, and click OK. You will
be presented with the following warning.

Figure 164: Encryption Warning

The warning is self-explanatory,
but very important. In this example, we only wish to encrypt a single
file, so select Encrypt the file only and click OK. The
file will be immediately encrypted and accessible only to the current
user.

Locate the file in an Explorer window,
and double click it. When the file opens, it will appear as though
it was never encrypted.

Figure 165: Encrypted File Opens Normally

This demonstrates that
EFS operates on the fly, decrypting and encrypting files
as they are accessed.

__________________

14. The specifics of PKI are outside the scope of the A+ objectives, and are covered in detail by your authors incovered in more detail in the CertiGuide to Security+.

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to A+ (A+ 4 Real) from StudyExam4Less.com. Thanks for your support!